WOL over internet help

[Engineer]

Originally posted by: Gillbot
All machines I want to use WOL on have a manually set IP address.

With the machines on, I can see the magic packet arriving if it is sent locally or through the depicus site.

I'll need to double check the other setting but on mine, I was told to unckeck the "allow this decide to be turned off" portion. Maybe I need to re-enable that, though I fail to see how that would make a difference. It has to be something in the router not allowing it through properly when the machine is powered off.

I don't know if it makes a difference, but if you set "Static DHCP" (under Basic Settings) in tomato by IP and MAC, the same IP will be assigned to that MAC address "every" time (reserved IP for that MAC address). I'm using a static DHCP entry for each PC and then letting the PC pull the information from the router. That's one of the few differences that I can see from your setup to mine. I have no idea if it matters (really shouldn't but you never know).

 

[Gillbot]

Originally posted by: Engineer

Originally posted by: Gillbot
All machines I want to use WOL on have a manually set IP address.

With the machines on, I can see the magic packet arriving if it is sent locally or through the depicus site.

I'll need to double check the other setting but on mine, I was told to unckeck the "allow this decide to be turned off" portion. Maybe I need to re-enable that, though I fail to see how that would make a difference. It has to be something in the router not allowing it through properly when the machine is powered off.

I don't know if it makes a difference, but if you set "Static DHCP" (under Basic Settings) in tomato by IP and MAC, the same IP will be assigned to that MAC address "every" time (reserved IP for that MAC address). I'm using a static DHCP entry for each PC and then letting the PC pull the information from the router. That's one of the few differences that I can see from your setup to mine. I have no idea if it matters (really shouldn't but you never know).

So you have that info in the router, and the machine set to Auto/by DHCP?

 

[Engineer]

Originally posted by: Gillbot

Originally posted by: Engineer

Originally posted by: Gillbot
All machines I want to use WOL on have a manually set IP address.

With the machines on, I can see the magic packet arriving if it is sent locally or through the depicus site.

I'll need to double check the other setting but on mine, I was told to unckeck the "allow this decide to be turned off" portion. Maybe I need to re-enable that, though I fail to see how that would make a difference. It has to be something in the router not allowing it through properly when the machine is powered off.

I don't know if it makes a difference, but if you set "Static DHCP" (under Basic Settings) in tomato by IP and MAC, the same IP will be assigned to that MAC address "every" time (reserved IP for that MAC address). I'm using a static DHCP entry for each PC and then letting the PC pull the information from the router. That's one of the few differences that I can see from your setup to mine. I have no idea if it matters (really shouldn't but you never know).

So you have that info in the router, and the machine set to Auto/by DHCP?

Yes.

 

[mxnerd]

I found one IP directed-broadcast article mentioned by spidey07 here

http://rivalino.multiply.com/j.../Ip_directed-broadcast

According to the article, and the links by Jack, i thought i should configure something like this

My DD-WRT port forwarding

application from protocol ip to
WANWOL 1234 UDP 192.168.1.20 7 (192.168.1.20 is the LAN machine you want to wake up)

and for WOL over internet web service, I should enter something like

MAC 11:22:33:44:55:66 (MAC address of LAN machine I want to wake up)
IP 20.21.22.23 (Router IP)
subnet 255.255.255.255 (not 255.255.255.0)
port 1234

the magic packet sent from a remote machine to router IP 20.21.22.33
FF:FF:FF:FF:FF:FF + 11:22:33:44:55:66 + 11:22:33:44:55:66 + ... + 11:22:33:44:55:66 (repeated 16 times) was finally picked up by magic sniffer!

Magic sniffer can be picked up at the following links.
http://www.profshutdown.com/download/wolsniffer.zip
http://www.depicus.com/wake-on...ke-on-lan-monitor.aspx

I don't have a second live machine at home this time to verify it. But since magic sniffer picked up the packet correctly, i think it will work.

I'll verify it another day when my the other machine is fixed.

Hope it helps.

 

[Engineer]

Originally posted by: mxnerd


and for WOL over internet web service, I should enter something like

MAC 11:22:33:44:55:66 (MAC address of LAN machine I want to wake up)
IP 20.21.22.23 (Router IP)
subnet 255.255.255.255 (not 255.255.255.0)
port 1234

I posted the 255.255.255.255 on a previous page of this thread. I mentioned that it would spam the cable company network if I didn't narrow it down to my particular IP with the 255.255.255.255 masking subnet.

Originally posted by: Engineer
7. Proceeded to the magic packet webpage. Entered IP (of cable modem - found in router status) and used IP Subnet of 255.255.255.255 (to force exact match of PC to send to and not send to "range" of PC's on the cable company's network) and then entered port 7 or port 1. Tested each individually and both woke fine.

But...since I didn't see where Spidey posted it, It could have been before I posted this one. The only reason that I changed from .000 to .255 was the page that Gillbot posted in the OP gave me the address that it was sending the magic packet to when entering the information and I noted that it didn't match the IP that I had placed into the destinition box until I narrowed it down to the exact IP using a .255 subnet mask.

 

[mxnerd]

Originally posted by: Engineer

I posted the 255.255.255.255 on a previous page of this thread. I mentioned that it would spam the cable company network if I didn't narrow it down to my particular IP with the 255.255.255.255 masking subnet.

Yeah, I also finally noticed that at this same web page
http://www.depicus.com/wake-on-lan/woli.aspx

 

[mxnerd]

VERIFIED. It's working!

However, I still prefer logging into my DD-WRT via it's remote https web management page and use its built-in WOL to turn on computers.

I don't want to open one port for each computer that I want to wake up.

 

[JackMDS]

Originally posted by: mxnerd
VERIFIED. It's working!

However, I still prefer logging into my DD-WRT via it's remote https web management page and use its built-in WOL to turn on computers.

I don't want to open one port for each computer that I want to wake up.

Are you sure that you needs one port for each computer?

The depicus Magic packet Util works according to the computer's MAC, so a general broadcast through one port to the LAN should be enough, and then it would pick its own computer according to the MAC number.

However YMMV the one thing that I learned from this Thread is that yet another function (WOL) is not behaving in a standard way when using Entry Level Routers.

 

[Engineer]

Originally posted by: JackMDS


However YMMV the one thing that I learned from this Thread is that yet another function (WOL) is not behaving in a standard way when using Entry Level Routers.

True and from what I can get out of is ...the lacking of the "all broadcast" IP ending in .255. I would bet that it could be incorporated into the 3rd party firmware (DD-WRT, tomato, HyperWRT, etc. ) easily if one knew how to program using linux but that's not me, lol!

I also tried (with NO success) to place a range of IP's on the port forward. No go there.

 

[mxnerd]

Jack, you are right again.

Tested again, I just have to forward the packet to broadcast IP 192.168.1.255, not a specific IP.

So one port only.

The magic packet does not consisted any IP info in there. Just 6 bytes of FF and 16 repeated destination MAC address.

Still, I prefer to use https management to turn on my PC. I just don't want to open ports that's absolutely necessary.

 

[mxnerd]

*UPDATE*

WOL over internet failed again. Besides first 2 or 3 times of success, now it won't function at all. No matter I forward it to specific IP or the braodcast IP 192.168.1.255.

But local WOL works 100%.

I'm giving up this s***. At least for DD-WRT, remote management is the way to go.

 

[Engineer]

Originally posted by: mxnerd
*UPDATE*

WOL over internet failed again. Besides first 2 or 3 times of success, now it won't function at all. No matter I forward it to specific IP or the braodcast IP 192.168.1.255.

But local WOL works 100%.

I'm giving up this s***. At least for DD-WRT, remote management is the way to go.

Looks like you are having the same problem as Gillbot. Damn, maybe I need to test more to see if mine quits after several attempts. Will try later if I get time.

 

[Gillbot]

Yeah, it seems to be a common issue no matter what firmware you run on the router.

I'm having the same exact problem. It works for a period of time, then completely stops. At this point, I'm assuming the only *surefire* solution is opening the router remote management page which I highly prefer NOT to do, but it seems it is the only real solution.

 

[Engineer]

Well shit, now it doesn't work on mine. First try this time and no go. Now I've got a full time obsession thanks to Gillbot, lol!

Well, off to read!

 

[Gillbot]

HAHAHA, my curse is spreading!

 

[spidey07]

Directed broadcasts like that are very old and kind of a no-no. Not surprised the software is having problems with it.

 

[Gillbot]

I'm about one second away from giving up and opening the remote access to my router. I'll just have to put up a password that I have to write down and hope it's strong enough.

 

[Engineer]

I'm playing with PuTTY and a remote SSH login (command line) using secured keys as well as a passphrase. If I can get this to work, I can then issue the command "ether-wake <MAC ADDRESS>" here and it will cause tomato to wake the PC of your choice. Of course, you would be using Putty (or another SSH client) to open a command line link to the router (remotely). This should be a far more secure way to access the router since it would require ssh keys and passphrase.

To those that know this stuff far better than me, please correct me if I'm going offcourse (gently please! ).

Well, it works great (so far) locally. I'm really jumping headfirst into this stuff and will need to see what I can get past the work firewall (i.e. what ports can I get out to the real world and what ports can I not as I don't get to pick and choose, lol). Still cool that it worked locally (acutally, I entered the router using the entry IP and port instead of the local side, but I guess it could have been a "loopback" type of entry).

Finally, curses to Gillbot for getting me interested in this stuff, damnit! :|

 

[Gillbot]

Originally posted by: Engineer
I'm playing with PuTTY and a remote SSH login (command line) using secured keys as well as a passphrase. If I can get this to work, I can then issue the command "ether-wake <MAC ADDRESS>" here and it will cause tomato to wake the PC of your choice. Of course, you would be using Putty (or another SSH client) to open a command line link to the router (remotely). This should be a far more secure way to access the router since it would require ssh keys and passphrase.

Too much effort for me. I want to use the depicus site, their WOL utility or i'll just use the remote browser interface.

 

[Engineer]

Originally posted by: Gillbot

Originally posted by: Engineer
I'm playing with PuTTY and a remote SSH login (command line) using secured keys as well as a passphrase. If I can get this to work, I can then issue the command "ether-wake <MAC ADDRESS>" here and it will cause tomato to wake the PC of your choice. Of course, you would be using Putty (or another SSH client) to open a command line link to the router (remotely). This should be a far more secure way to access the router since it would require ssh keys and passphrase.

Too much effort for me. I want to use the depicus site, their WOL utility or i'll just use the remote browser interface.

Hmm...was just trying to get a "secure" connection t the router as that seemed to be one of the complaints of using the browser interface. I guess a secure password would be OK, but I just can't stomache leaving my router open to the outside world.

On a side note, I can't test it today as I stayed home to play in the ice, lol, but the PuTTy stuff wasn't bad, and it even generated the keys to paste into the router as well as a private key file to take with me to load into the client (remote Putty client that is).


For those that know SSH stuff, I assume that if you don't have a key, you're not going to get in/decode into the router command line interface? Secure? Really?

 

[Gillbot]

I know absolutely nothing about putty or SSH. I'll stick to one open port for gaming and open up the remote admin. SIGH.... I didn't want to but it seems to be the only working option.

 

[Engineer]

Originally posted by: Gillbot
I know absolutely nothing about putty or SSH.

That's how much I knew about it before last night. I know slightly more than I did yesterday though including remote login using SSH with 1024bit keys as well as (in progress) the ability to connect to the router using SSH and use it as a secure proxy to the internet (i.e.

Browser ----> SSH Proxy Client (or something like that) ----> Internet (encrypted now) -----> Router with SSH DAEMON (all websites and other local network stuff now passes back and forth encrypted).

 

[mxnerd]

I really don't understand why so againt using browser via https (traffic is encrypted)?

Millions of websites use https to secure them. And if you already use dyndns to let the world know your router's sub domain name, why so worried about your router being hacked? I would rather use FTP to send my router's current IP to a webpage that I'm the only one who knows it, instead using dyndns.

Firefox can automatically erase cookies & history whenever you close the browser if you let it so.

And you can set a master password. Better yet, you can download portable Firefox at portableapps.com and put it on a secure USB and carry it with you.

If https is really such unsecure, online shopping or online banking system won't use it.

And be sure to use strong password. (consists of letters, numbers and symbols, and longer than 8 charaters), a weak password are meant to be hacked.

You can check it here.

http://www.microsoft.com/prote.../password/checker.mspx


And you can use portable KeePass to keep your various passwords.
http://portableapps.com/apps/utilities/keepass_portable

 

[JackMDS]

Originally posted by: mxnerd
And you can set a master password. Better yet, you can download portable Firefox at portableapps.com and put it on a secure USB and carry it with you.

:thumbsup:

I keep on my Key Chain a 1GB Flash drive.

It is loaded with stand alone applications of all categories.

• Network Management
  
  General Computer management utilities
  
  Internet
  
  Security
  
  Remote Control
  
  Office related

and more.

All of them checked to work Off the Flash Drive with INI files I.e. Not leaving entries on computer that the drive).

I always use it on computers that are Not solely mine.

 

[mxnerd]

You can use this free KeepMePosted and send your router IP address to about anywhere you want.

http://www.elegantlogic.com/KeepMePosted/